This page contains a list of all security vulnerabilities fixed in Network Configuration Manager along with its CVE ID and fixed build number. Go to ManageEngine's Security Response Center to report vulnerabilities on ManageEngine products.
| CVE ID | Synopsis | Severity | Fixed in version | Link to latest build |
|---|---|---|---|---|
| CVE-2020-10541 | Remote Code Execution (RCE) vulnerability in Mail Server Settings v1 APIs | High | 124172 | Download |
| CVE-2019-17421 | Incorrect file permissions on the packaged Nipper executable file. | Medium | 124079 & 124099 | |
| Internal | An operator user could access some restricted folders by bypassing the session. | High | 123241 | |
| CVE-2018-19403 | Unauthenticated Remote Code Execution (RCE) vulnerability | High | 123231 | |
| CVE-2018-12997, CVE-2018-12998 | Arbitrary web script injection vulnerability | High | 123169 |